<?php
    include("../includes/config.php");
    include("../includes/connection.php");
    include("../includes/database.php");
    
    session_start();
    
    $hashed_password = md5($_POST["password"]);

    $sql =  "SELECT * FROM authors WHERE email = '" . 
            $_POST["email"] .
            "' AND password = '" .
            $hashed_password .
            "';";
    
    $result = mysql_query($sql);
    
    if (!$result) {
        die("Error! Tidak dapat menjalankan query: " . mysql_error());
    }
    else {
        if (mysql_num_rows($result) > 0) {
            /* Login Successful */
            
            /* Get user data from database */
            $user = mysql_fetch_assoc($result);
            
            /* Declare new User Session */
            $_SESSION["user_id"]    = $user["id"];
            $_SESSION["user_name"]  = $user["name"];
            $_SESSION["user_email"] = $user["email"];
            $_SESSION["user_level"] = $user["role"];
            
            header("location:dashboard.php");
        }
        else {
            /* Login Unsuccessful */
            echo "No! :(";
        }
    }
?>